Web Servers : IBM WebSphere Application Server Liberty Profile Multiple Vulnerabilities (swg21697368)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.807621

Categoría: Web Servers

Título: IBM WebSphere Application Server Liberty Profile Multiple Vulnerabilities (swg21697368)

Resumen: IBM WebSphere Application Server Liberty Profile is prone to; multiple vulnerabilities.

Descripción: Summary:
IBM WebSphere Application Server Liberty Profile is prone to
multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- The Run-as user for EJB not being honored under multi-threaded race conditions.

- An error with the authData elements.

- An improper handling of configuration data in SNMP implementation.

Vulnerability Impact:
Successful exploitation will allow remote attackers to gain
elevated privileges on the system, also to obtain sensitive information.

Affected Software/OS:
IBM WebSphere Application Server Liberty Profile version 8.5.x
prior to 8.5.5.5.

Solution:
Update to version 8.5.5.5 or later.

CVSS Score:
8.5

CVSS Vector:
AV:N/AC:M/Au:S/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-1882
AIX APAR: PI33357
http://www-01.ibm.com/support/docview.wss?uid=swg1PI33357
BugTraq ID: 74222
http://www.securityfocus.com/bid/74222
http://www.securitytracker.com/id/1032190
Common Vulnerability Exposure (CVE) ID: CVE-2015-0175
AIX APAR: PI33008
http://www-01.ibm.com/support/docview.wss?uid=swg1PI33008
Common Vulnerability Exposure (CVE) ID: CVE-2015-0174
AIX APAR: PI21072
http://www-01.ibm.com/support/docview.wss?uid=swg1PI21072

Copyright Copyright (C) 2016 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.807621
Categoría:	Web Servers
Título:	IBM WebSphere Application Server Liberty Profile Multiple Vulnerabilities (swg21697368)
Resumen:	IBM WebSphere Application Server Liberty Profile is prone to; multiple vulnerabilities.
Descripción:	Summary: IBM WebSphere Application Server Liberty Profile is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - The Run-as user for EJB not being honored under multi-threaded race conditions. - An error with the authData elements. - An improper handling of configuration data in SNMP implementation. Vulnerability Impact: Successful exploitation will allow remote attackers to gain elevated privileges on the system, also to obtain sensitive information. Affected Software/OS: IBM WebSphere Application Server Liberty Profile version 8.5.x prior to 8.5.5.5. Solution: Update to version 8.5.5.5 or later. CVSS Score: 8.5 CVSS Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-1882 AIX APAR: PI33357 http://www-01.ibm.com/support/docview.wss?uid=swg1PI33357 BugTraq ID: 74222 http://www.securityfocus.com/bid/74222 http://www.securitytracker.com/id/1032190 Common Vulnerability Exposure (CVE) ID: CVE-2015-0175 AIX APAR: PI33008 http://www-01.ibm.com/support/docview.wss?uid=swg1PI33008 Common Vulnerability Exposure (CVE) ID: CVE-2015-0174 AIX APAR: PI21072 http://www-01.ibm.com/support/docview.wss?uid=swg1PI21072
Copyright	Copyright (C) 2016 Greenbone AG